Dark Patterns and Addictive Design Under EU Law

The digital marketplace has shifted from capturing transactions to capturing attention. Prof Herbert A Simon theorized the phenomenon of the “attention economy,” where user engagement becomes the core monetisable asset.

In this environment, interface architecture is not neutral, as choices influence behaviour. Features such as auto-play, push notifications and infinite scrolling are engineered to extend engagement time and increase conversion rates.

A subset of these techniques is now widely referred to as “addictive design”. This includes digital features intentionally structured to create habitual or compulsive engagement patterns.

From a legal perspective, the critical question is not whether engagement is increased, but whether autonomy is materially impaired.

The term “dark patterns” has gained prominence in both academic and regulatory discourse, yet no single uniform legal definition exists across EU law.

Under the DSA, Recital 67 refers to practices that “materially distort or impair, either on purpose or in effect, the ability of recipients of the service to make autonomous and informed choices or decisions.” According to the same Act, these practices are prohibited.

Although not referred to as ‘dark patterns’, the Unfair Commercial Practices Directive (UCPD) prohibits commercial practices that are considered misleading or aggressive. The directive safeguards consumers from unfair business-to-consumer (B2C) practices in advertising, sales, and after-sales services. The UCPD explicitly prohibits only a limited subset of dark patterns as outlined in Annex I, and these restrictions do not specifically address digital interfaces.

Despite definitional variations, two core elements appear to be common with dark patterns:

1. Manipulative or deceptive interface design.
2. A harmful or autonomy-impairing outcome.

The European Commission sent three requests for information to Shein on 28 June 2024, 6 February 2025 and 26 November 2025 seeking more information on the company's compliance with the DSA, in particular in relation to consumers' and minors' protection, and on the transparency of its recommender systems.

The European Commission’s formal proceedings against SHEIN highlight that addictive design is now an enforceable compliance issue. The case shows that engagement-focused commercial models, powered by large-scale data and algorithmic recommendations, can pose systemic risks to consumer protection, minors, and fundamental rights.

The Commission initiated formal proceedings following preliminary analysis of:

• SHEIN’s DSA risk assessment reports;
• Responses to multiple formal requests for information;
• Information provided by third parties and consumer authorities.

The investigation sits within the DSA’s supervisory framework for Very Large Online Platforms (VLOPs), which are online platforms that reach at least 45 million average monthly users in the EU and are therefore subject to enhanced obligations. SHEIN was designated as a VLOP in 2024.

Importantly, the DSA proceedings run in parallel with coordinated consumer protection enforcement actions under the Consumer Protection Cooperation (CPC) Network and with product safety scrutiny under the General Product Safety Regulation (GPSR). This multi-layered enforcement approach reflects the EU’s integrated regulatory architecture.

The Commission’s investigation focuses on three interrelated pillars:

• The risks linked to the addictive design of the service, including giving consumers points or rewards for engagement, as well as the systems SHEIN has in place to mitigate such risks.
• Risks associated with SHEIN’s addictive design, including reward systems for engagement, and how SHEIN manages these risks.
• The systems SHEIN has in place to limit the sale of illegal products in the European Union, including content which could constitute child sexual abuse material, such as child-like sex dolls.

While the latter has raised significant concerns, the addictive design dimension has attracted particular attention. Regulators have examined whether certain platform features:

• Encourage compulsive engagement through reward systems;
• Use gamified discounts or points to incentivise repeated daily interaction;
• Deploy time-limited offers and scarcity cues that intensify urgency; and
• Combine infinite scrolling with algorithmic personalisation to sustain prolonged browsing.

The concern is not merely commercial aggressiveness. The regulatory question is whether these mechanisms, individually or cumulatively, “materially distort or impair” users’ ability to make autonomous and informed decisions, within the meaning of Article 25 DSA.

In the SHEIN case, the Commission has reportedly scrutinised whether engagement-based reward mechanisms and continuous scrolling structures create behavioural dependency patterns that negatively affect users’ wellbeing – particularly minors.

This represents a significant conceptual shift.

Addictive design is no longer framed solely as deceptive marketing.  

The concept of addictive design is no longer viewed exclusively through the lens of deceptive commercial practices, a term rooted in consumer protection laws that refers to tactics intended to mislead or manipulate consumers’ purchasing decisions.

It is increasingly treated as a risk amplifier, capable of:

• Intensifying impulsive purchasing behaviour;
• Exposing minors to prolonged commercial pressure;
• Reducing meaningful reflection before transactional decisions; and
• Reinforcing algorithmic feedback loops that prioritise engagement over user welfare.

Where recommender systems are optimised for maximum retention rather than informed choice, the design architecture itself becomes the object of regulatory assessment.

Transparency obligations and recommender systems

The DSA requires platforms to disclose the main parameters used in their recommender systems and to provide at least one option not based on profiling.

In SHEIN’s case, regulators have examined whether users are given a genuinely accessible, non-profiled alternative – and whether explanations provided about recommendation logic are sufficiently clear and meaningful.

If recommender systems are tightly integrated with addictive engagement features, the transparency obligation becomes central. Without clear disclosure, users cannot meaningfully understand why they are being shown particular products, promotions, or urgency cues.

This intertwines design, data, and autonomy into a single compliance framework.

The broader legal significance

The SHEIN proceedings demonstrate three important developments in EU digital law enforcement:

• Design architecture is now squarely within regulatory scope. Interface structure, gamification, and engagement mechanics are subject to legal review, not merely marketing strategy.
• Regulators are willing to assess cumulative behavioural impact. A single feature may not breach the DSA, but the combined effect of multiple engagement drivers may amount to systemic distortion.
• Enforcement is increasingly coordinated across instruments – DSA, consumer law, product safety rules and potentially GDPR – creating layered compliance exposure.

Companies found in breach of the DSA may face fines of up to 6% of global annual turnover, alongside corrective orders, and enhanced monitoring.

The direction of travel is clear: engagement optimisation must be reconciled with autonomy protection.

Platforms engaging with the EU market should proactively assess and document the behavioural impact of interface features, align reward and urgency mechanisms with DSA standards, ensure recommender system disclosures are clear, add friction points to limit excessive engagement, and record risk mitigation strategies as required by law.

Crucially, compliance must be integrated into the product development lifecycle rather than treated as a post-design audit exercise.

The SHEIN case signals that regulators will assess not only what platforms say, but how they are built.

Addictive design is no longer merely a reputational issue – it is a compliance obligation.

Therefore, digital platforms operating within or targeting the EU market should:

• Conduct internal design audits assessing autonomy distortion risks.
• Review recommender system transparency disclosures.
• Re-evaluate gamification and urgency mechanisms.
• Integrate compliance review into product development cycles.
• Document systemic risk mitigation measures under the DSA framework.

Enforcement trends and regulatory risk exposure

The DSA provides the European Commission with investigative and enforcement powers, including interim measures and fines of up to 6% of global annual turnover for infringements.

Other platforms, including Temu and Meta, have faced scrutiny regarding recommender systems and potential addictive effects on minors.

However, the SHEIN proceedings are distinctive in that they centre on a hybrid e-commerce model combining:

• Ultra-fast product cycles,
• Gamified purchasing incentives,
• Personalised recommendation architecture,
• High-frequency promotional messaging.

This convergence makes the case particularly instructive for digital marketplaces that rely on behavioural design strategies to drive conversion. The SHEIN investigation may well become a reference point for how EU regulators interpret addictive design under the DSA.

For digital businesses, the message is pragmatic rather than punitive: design choices are now legal choices.

Our Technology lawyers advise digital platforms, e-commerce operators, and technology developers on:

• Digital Services Act compliance and systemic risk assessments.
• Consumer protection and unfair commercial practices analysis.
• GDPR-compliant consent architecture and UX redesign.
• Regulatory engagement and response to information requests.
• Cross-border digital governance frameworks.

We provide strategic, legally grounded guidance that aligns product innovation with regulatory resilience.

Frequently Asked Questions

[answer]Addictive design refers to digital interface features that intentionally encourage prolonged or compulsive engagement, potentially impairing users’ ability to make autonomous and informed decisions. Such practices may fall within the prohibition of dark patterns under the Digital Services Act. [/answer]

[question]Does the Digital Services Act prohibit infinite scrolling? [/question]

[answer]The DSA does not explicitly ban infinite scrolling, but Article 25 prohibits interface practices that materially distort user autonomy. Where infinite scrolling contributes to systemic risks or manipulative engagement, it may trigger regulatory scrutiny. [/answer]

[question]How does the SHEIN investigation relate to addictive design? [/question]

[answer]The European Commission’s proceedings examine whether features such as engagement-based rewards, urgency cues and personalised recommender systems create risks linked to addictive behaviour, consumer protection, and minor safety under the DSA framework. [/answer]

[question]What penalties apply for breaches of the DSA? [/question]

[answer]For large online platforms, infringements of the DSA may result in fines of up to 6% of global annual turnover, in addition to corrective measures and enhanced supervision by the European Commission. [/answer]